blacklanternsecurity / cloudcheck

Check whether an IP address or hostname belongs to popular cloud providers

Remove invalid regex character for Firebase buckets #24

Closed oj-sec closed 8 months ago

oj-sec commented 8 months ago

This pull request removes '_' (underscore) characters from the Firebase regex to prevent the generation of invalid bucket names.

Remaining description copied from BBOT PR: https://github.com/blacklanternsecurity/bbot/pull/1105

A Firebase datastore cannot validly have an underscore character in its name and the Firebase API returns a 403 HTTP status code if it does. The current logic expects that only a 404 status code means that the bucket does not exist. This results in buckets that cannot exist on Firebase being identified as existing where the candidate bucket names contain an underscore.

Example Firebase response where an underscore is present (and the bucket does not exist): 1

Example Firebase response where no underscore is present and the bucket does not exist: 2
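The false positive described in the comment above, reproduced offline as an added example (not code from this PR or from cloudcheck). Both regexes, the function names and the sample data are assumptions made for illustration; the page only establishes that an underscore is invalid, that such names return 403, and that only 404 is treated as "does not exist".

```python
import re

# Hypothetical name patterns: only the underscore exclusion comes from the PR.
OLD_NAME_RE = re.compile(r"^[a-z0-9_-]+$")  # "before": underscore allowed
NEW_NAME_RE = re.compile(r"^[a-z0-9-]+$")   # "after": underscore removed


def exists_by_status(status: int) -> bool:
    """Existence logic as described in the PR: only a 404 means 'no such bucket'."""
    return status != 404


def reported_as_existing(observations, name_re):
    """Names that match the candidate regex and are then judged to exist."""
    return [
        name
        for name, status in observations
        if name_re.match(name) and exists_by_status(status)
    ]


def rejected_before_request(names, name_re):
    """Candidates dropped by the regex, so no request is ever made for them."""
    return [name for name in names if not name_re.match(name)]


# Constructed sample: (candidate name, HTTP status returned for it).
SAMPLE = [
    ("acme_dev", 403),   # underscore: 403 although the bucket cannot exist
    ("acme-dev", 404),   # valid name, bucket does not exist
    ("acme-prod", 200),  # valid name, constructed here as an existing bucket
]

if __name__ == "__main__":
    names = [name for name, _ in SAMPLE]
    print("old regex reports:", reported_as_existing(SAMPLE, OLD_NAME_RE))
    print("new regex reports:", reported_as_existing(SAMPLE, NEW_NAME_RE))
    print("never requested  :", rejected_before_request(names, NEW_NAME_RE))
```

With the underscore allowed, `acme_dev` is reported as existing purely because its 403 is not a 404; with the underscore removed from the pattern, the name is never generated and the false positive disappears.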